GCVE - cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:x86:*

Approved changes feed: RSS · Atom

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:x86:*

part: a version: * update: *

Vendor	Mozilla (`be1b0d4e-21a7-5a25-9982-bbda6ef43ec1`)
Product	Firefox (`d152d976-2d5e-5cc4-89b6-e80c6d067896`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	x86
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/firefox`	purl2cpe	2026-06-01 10:17:53.139465
`pkg:mozilla/mozilla-central`	purl2cpe	2026-06-01 10:17:53.139467
`pkg:rpm/fedora/firefox`	purl2cpe	2026-06-01 10:17:53.139468
`pkg:rpm/opensuse/mozillafirefox`	purl2cpe	2026-06-01 10:17:53.139469

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-29945`	vulnerable	2026-06-03 14:44:20.957986	Details available The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Published: 2021-06-24T13:19:50.000Z Updated: 2024-08-03T22:18:03.472Z Open on db.gcve.eu Reference links https://www.mozilla.org/security/advisories/mfsa2021-14/ https://www.mozilla.org/security/advisories/mfsa2021-16/ https://www.mozilla.org/security/advisories/mfsa2021-15/ https://bugzilla.mozilla.org/show_bug.cgi?id=1700690	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-5165`	vulnerable	2026-06-03 14:38:57.185662	Details available In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to select this setting intending to activate it and inadvertently turn protections off. This vulnerability affects Firefox < 60. Published: 2018-06-11T21:00:00.000Z Updated: 2024-08-05T05:26:47.013Z Open on db.gcve.eu Reference links https://bugzilla.mozilla.org/show_bug.cgi?id=1451452 https://www.mozilla.org/security/advisories/mfsa2018-11/ http://www.securitytracker.com/id/1040896 http://www.securityfocus.com/bid/104139	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-12393`	vulnerable	2026-06-03 14:38:04.265538	Details available A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. Note: 64-bit builds are not vulnerable to this issue.. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3. Published: 2019-02-28T18:00:00.000Z Updated: 2024-08-05T08:31:00.111Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/105769 https://www.debian.org/security/2018/dsa-4324 https://www.mozilla.org/security/advisories/mfsa2018-28/ https://www.mozilla.org/security/advisories/mfsa2018-26/ https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.